The FreeBSD Project

The release notes for FreeBSD 5.2-RELEASE contain a summary of recent changes made to
the FreeBSD base system on the 5-CURRENT development branch. This document lists
applicable security advisories that were issued since the last release, as well as
significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading
are also presented.

This document contains the release notes for FreeBSD 5.2-RELEASE on the i386 hardware
platform. It describes recently added, changed, or deleted features of FreeBSD. It also
provides some notes on upgrading from previous versions of FreeBSD.

Users who are new to the 5-CURRENT series of FreeBSD releases should also read the
``Early Adopters Guide to FreeBSD 5.2-RELEASE''. This document can generally be found in
the same location as the release notes (either as a part of a FreeBSD distribution or on
the FreeBSD Web site). It contains important information regarding the advantages and
disadvantages of using FreeBSD 5.2-RELEASE, as opposed to releases based on the FreeBSD
4-STABLE development branch.

All users are encouraged to consult the release errata before installing FreeBSD. The
errata document is updated with ``late-breaking'' information discovered late in the
release cycle or after the release. Typically, it contains information on known bugs,
security advisories, and corrections to documentation. An up-to-date copy of the errata
for FreeBSD 5.2-RELEASE can be found on the FreeBSD Web site.

This section describes many of the user-visible new or changed features in FreeBSD
since 5.1-RELEASE. It includes items that are unique to the 5-CURRENT branch, as well as
some features that may have been recently merged to other branches (after FreeBSD
5.1-RELEASE). The latter items are marked as [MERGED].

Typical release note items document recent security advisories issued after
5.1-RELEASE, new drivers or hardware support, new commands or options, major bug fixes,
or contributed software upgrades. They may also list changes to major ports/packages or
release engineering practices. Clearly the release notes cannot list every single change
made to FreeBSD between releases; this document focuses primarily on security advisories,
user-visible changes, and major architectural improvements.

A single-byte buffer overflow in realpath(3) was
fixed. Although the fix was committed prior to FreeBSD 5.1-RELEASE (and thus 5.1-RELEASE
was not affected), it was not noted in the release documentation. See security advisory
FreeBSD-SA-03:08. [MERGED]

A bug that could allow the kernel to attempt delivery of invalid signals has been
fixed. The bug could have led to a kernel panic or, under some circumstances,
unauthorized modification of kernel memory. For more information, see security advisory
FreeBSD-SA-03:09. [MERGED]

A bug in the iBCS2 emulation module, which could result in disclosing the contents of
kernel memory, has been fixed. This module is not enabled in FreeBSD by default. For more
information, see security advisory FreeBSD-SA-03:10. [MERGED]

A buffer management bug in OpenSSH, which could potentially
cause a crash, has been fixed. More information can be found in security advisory FreeBSD-SA-03:12. [MERGED]

A buffer overflow in sendmail has been fixed. More
information can be found in security advisory FreeBSD-SA-03:13. [MERGED]

A bug that could allow the kernel to cause resource starvation which eventually
results in a system panic in the ARP cache code has been fixed. More information can be
found in security advisory FreeBSD-SA-03:14. [MERGED]

Several errors in the OpenSSH PAM challenge/response
authentication subsystem have been fixed. The impacts of these bugs vary; details can be
found in security advisory FreeBSD-SA-03:15. [MERGED]

A bug in procfs(5) and linprocfs(5),
which could result in disclosing the contents of kernel memory, has been fixed. More
information can be found in security advisory FreeBSD-SA-03:17. [MERGED]

Four separate security flaws in OpenSSL, which could allow
a remote attacker to crash an OpenSSL-using application or to
execute arbitrary code with the privileges of the application, have been fixed. More
information can be found in security advisory FreeBSD-SA-03:18. [MERGED]

A potential denial of service in BIND has been fixed. For
more information, see security advisory FreeBSD-SA-03:19. [MERGED]

The acpi(4) driver's
CPU component now supports idle states C1-C3 for both single and SMP systems, providing
power/heat savings when the processor is idle, according to ACPI 2.0. Additionally, the
throttling support has been updated to ACPI 2.0.

A bug that caused atkbd(4) to
register an AT keyboard during console initialization, even when no AT keyboard was
connected, has been fixed. kbdcontrol -k /dev/kbd1 is no longer
needed when only a USB keyboard is connected. [MERGED]

The cx(4) driver for
Cronyx-Sigma serial interfaces has been overhauled. As a part of this update, the
cxconfig userland configuration utility has been replaced by a newer sconfig(8)
utility.

The DRM kernel modules have been updated from DRI CVS as of 12 November 2003. Among
other changes, this change includes a newly-ported SiS 300/305/540/630/730 driver and
mostly-complete SMPng locking.

The dcons(4) ``dumb
console'' driver has been added to provide a local and remote console. It can be accessed
over FireWire using the dcons_crom(4)
driver. A dconschat(8)
utility provides user access to dcons(4)
devices.

A multi-byte character set conversion method is now supported by the LIBICONV kernel option.

The hifn(4) driver
now supports symmetric crypto for the 7955 and 7956 chipsets. [MERGED]

The safe(4) driver
has been added to support SafeNet 1141- and 1741-based crypto accelerators. [MERGED]

Warning: This driver should be considered experimental and and should be used
with some caution.

Note: The public key support is not implemented.

The uart(4) driver
has been added to support various classes of UART (Universal Asynchronous
Receiver/Transmitter) devices. It is an analog of the sio(4) driver
but supports a wider range of devices. This driver is necessary to support serial ports
on certain architectures, such as ia64 and sparc64.

The swap pager has been revamped. Among user-visible changes are a change in the
layout policy (from fixed-width striping to a round-robin across devices) for better I/O
throughput, the elimination of compile-time limits on the number of swap devices, and a
reduction in memory overheads.

Large changes have been made to the i386 machine-dependent code to improve interrupt
routing and handling, as well as SMP support. Two major user-visible changes are that SMP
kernels can run on UP systems and that SMP functionality is now enabled by default in the
GENERIC kernel. Also, the options
APIC_IO kernel option has been replaced by device
apic.

An integer overflow that could cause kernel panics on PAE machines of certain large
memory sizes has been corrected.

Floating point emulation in the kernel has been removed.

Problems with some Pentium 4 CPUs and some older Pentium Pro and Pentium II CPUs have
been worked around. Typically these manifested themselves as memory corruption or
unexplained crashes.

Logical CPUs (with HyperThreading) are now enabled according to BIOS settings
(previously, they were disabled by default and had to be enabled explicitly).

A bug in the bge(4) driver
that prevented it from working correctly at 10 Mbps has been fixed.

The em(4) driver now
has support for tuning the interrupt delays using sysctl tunables without recompiling the
driver.

The fatm(4) driver
has been added. This is a driver for NATM and NgATM that supports Fore/Marconi PCA200 ATM
cards.

The harp(4) driver
has been added. This is a pseudo physical interface driver for HARP, which attaches to
all NetGraph ATM interfaces in the system and presents a physical interface to the HARP
stack for each of these interfaces.

The hatm(4) driver
has been added to support Fore/Marconi HE155 and HE622 ATM cards.

The hfa driver has been updated to firmware version 4.1.12 and now supports a limited
number of CBR channels.

The patm(4) driver
has been added to support IDT77252 based ATM interfaces.

The re(4) driver has
been added. It provides support for the RealTek RTL8139C+, RTL8169, RTL8169S and RTL8110S
PCI Fast Ethernet and Gigabit Ethernet controllers.

A new utopia(4) driver
supports 25MBit/sec, 155MBit/sec and 622MBit/sec ATM physical layer configuration, status
and statistics reporting for the most commonly used ATM-PHY chips.

The suspend/resume support for the wi(4) driver now
works correctly when the device is configured down. [MERGED]

The wi(4) driver
should once again work correctly with Lucent 802.11b interfaces.

The 802.11 support layer has been rewritten to allow for future growth and new
features.

The xe(4) driver now
supports CE2, CEM28, and CEM33 cards, and multicast(4)
datagrams. Also several bugs in the driver have been fixed.

A number of network drivers have had their interrupt handlers marked as MPSAFE,
meaning they can run without the Giant lock. Among the drivers so converted are: ath(4), em(4), ep(4), fxp(4), sn(4), wi(4), and sis(4).

The ip_flow feature in the IPv4 protocol implementation has
been replaced by the ip_fastforward feature. ip_fastforward attempts to speed up simple cases of packet
forwarding, processing a forwarded packet to an outgoing interface without queues or
netisrs. If it cannot handle a particular packet, it passes that packet to the normal
ip_input routines for processing. This feature can be enabled
by setting the net.inet.ip.fastforwarding sysctl variable to
1.

The IP_ONESBCAST option has been added to enable undirected
ip(4) broadcasts
to be sent to specific network interfaces.

A bug in ipfw(4) limit
rule processing that could cause various panics has been fixed. [MERGED]

ipfw(4) rules
now support comma-separated address lists (such as 1.2.3.4,
5.6.7.8/30, 9.10.11.12/22), and allow spaces after commas to make lists of
addresses more readable. [MERGED]

ipfw(4) rules
now support C++-style comments. Each comment is stored together with its rule and appears
using the ipfw(8)show command. [MERGED]

ipfw(8) can now
modify ipfw(4) rules in
set 31, which was read-only and used for the default rules. They can be deleted by ipfw delete set 31 command but are not deleted by the ipfw flush command. This implements a flexible form of ``persistent
rules''. More details can be found in ipfw(8).
[MERGED]

The ng_atmpif(4)
NetGraph node type has been added. It emulates a HARP physical interface, and allows one
to run the HARP ATM stack without real hardware.

Kernel support has been added for Protocol Independent Multicast routing (pim(4)).
[MERGED]

The FreeBSD Bluetooth protocol stack has been updated:

libsdp has been re-implemented under a BSD style license.
This is because the Linux BlueZ code is distributed under the GPL.

The hccontrol(8)
utility now supports four new commands: Read/Write_Page_Scan_Mode and
Read/Write_Page_Scan_Period_Mode.

The hcsecd(8) daemon
now stores link keys on a disk. It is no longer required to pair devices every time.

A NetGraph timeout problem in the ng_hci(4) and ng_l2cap(4)
kernel modules, which could cause access to a data structure that was already freed, has
been fixed.

The ng_ubt(4)
module, which cannot be built on FreeBSD 5.1-RELEASE, has been fixed.

rfcomm_sppd(1)
and rfcomm_pppd(8)
now support to query the RFCOMM channel via SDP from the server. Specifying the RFCOMM
channel manually, this behavior can be disabled and these utilities will not use SDP
query.

The sdpcontrol(8)
utility, which is analogous to the sdptool utility in the Linux BlueZ SDP package, has
been added.

A number of fixes and updates to the IPv6 and IPSec code have been imported from the
KAME Project.

Support for the IPv6 Advanced Sockets API now conforms to RFC 3542 (also known as RFC
2292bis), rather than RFC 2292. Applications using this API have been updated
accordingly.

Support for the source address selection part of RFC 3484 has been added. The ip6addrctl(8)
utility can be used to configure the address selection policy.

The tcp_hostcache feature has been added to the TCP
implementation. It caches measured parameters of past TCP sessions to provide better
initial start values for following connections from or to the same source or destination.
Similar information that used to be stored in the routing table has been removed.

A major rework of the ata(4) driver
has been committed. One of the more notable changes is that the ata(4) driver is
now out from under the Giant kernel lock. Note that ATA software RAID systems must now
include device ataraid in their kernel configuration files, as
it is no longer automatically implied by device atadisk.

The da(4) driver no
longer tries to send 6-byte commands to USB and FireWire devices. The quirks for these
devices (which hopefully are now unnecessary) have been disabled; to restore the old
behavior, add options DA_OLD_QUIRKS to the kernel
configuration. [MERGED]

Multi-byte character conversion with the cd9660, msdosfs, ntfs, and udf filesystems is
now supported by including the CD9660_ICONV, MSDOSFS_ICONV, NTFS_ICONV, and UDF_ICONV kernel options, respectively.

Some off-by-one errors in the smbfs that prevented it from working correctly with
15-character NetBIOS names have been fixed.

The sizes of some members of the statfs structure have
changed from 32 bits to 64 bits in order to better support multi-terabyte
filesystems.

Users performing source upgrades across this change must ensure that their kernel and
userland bits are in sync, by following the documented source upgrade procedures.

A backward compatibility version of the statfs(2) system
call exists but only if the COMPAT_FREEBSD4 kernel option is
defined. Including this option in the kernel is strongly encouraged.

arp(8) now
supports a -i option to limit the scope of the current
operation to the ARP entries on a particular interface. This option applies to the
display operations only. It should be useful on routers with numerous network interfaces.
[MERGED]

The asf(8) utility,
which helps load the symbol files from KLDs into a gdb(1) debugging
environment, has been added.

The atmconfig(8)
program has been added for configuration of the ATM drivers and IP-over-ATM
functionality.

chroot(8) now
allows the optional setting of a user, primary group, or group list to use inside the
chroot environment via the -u, -g,
and -G options respectively. [MERGED]

The compat4x.i386 libraries have been updated to correspond
to those available in FreeBSD 4.9-RELEASE.

The dev_mkdb utility is unnecessary due to the mandatory presence of devfs, and has
been removed.

dhclient(8) now
polls the state of network interfaces and only sends DHCP requests on interfaces that are
up. The polling interval can be controlled with the -i
option.

The default mode for the lost+found directory of fsck(8) is now
0700 instead of 01777. [MERGED]

fsck_ffs(8) and
newfs(8) now
create a .snap directory in the root directory of each
filesystem, with group operator. fsck_ffs(8), mksnap_ffs(8),
and dump(8) will
write their filesystem snapshots to this directory. This change avoids locking access to
the root directory of a filesystem during snapshot creation and also helps non-root users create snapshots.

The ffsinfo(8)
utility has been updated to understand UFS2 filesystems and has been re-enabled.

The iasl(8) utility,
a compiler/decompiler for ACPI Source Language (ASL) and ACPI Machine language (AML), has
been added.

ifconfig(8) now
supports a staticarp option for an interface, which disables
the sending of ARP requests for that interface.

A fix in the initgroups(3)
library function now causes logins to fail if the login process is unable to successfully
set the process credentials to include all groups defined for a user. The current kernel limit is 16
groups; administrators may wish to check that users do not have more than 16 groups
defined, or they will be unable to log in.

The ipfw(8)list and show commands now support
ranges of rule numbers. [MERGED]

ipfw(8) now
supports a -n flag to test the syntax of commands without
actually changing anything. [MERGED]

kdump(1) now
supports a -p option to display only the trace events
corresponding to a specific process, as well as a new -E flag
to display timestamps relative to the start of the dump.

last(1) now
supports a -n flag to limit the number of lines in its output
report.

The libalias library, natd(8), and ppp(8) now
support Cisco Skinny Station protocol, which is the protocol used by Cisco IP phones to
talk to Cisco Call Managers. Note that currently having the Call Manager behind the NAT
gateway is not supported. [MERGED]

The libcipher DES cryptography library has been removed. All
of its functionality is provided by the libcrypto library, and
all base systems programs that used libcipher have been
converted to use libcrypto instead.

The libkiconv library has been added to support working with
loadable character set conversion tables in the kernel.

The libthr 1:1 threading library is now built by
default.

libwrap and tcpdchk(8) are
now configured to support the extended tcp_wrappers syntax by
default.

The locale(1)
utility has been re-implemented and is now POSIX-compliant. A new -m option shows all available codesets.

The mount(8) utility
now supports to display the filesystem ID for each file system in addition to the normal
information when a -v flag is specified, and the umount(8)
utility now accepts the filesystem ID as well as the usual device and path names. This
allows to unambiguously specify which file system is to be unmounted even when two or
more file systems share the same device and mount point names.

The mount_cd9660(8),
mount_ntfs(8),
and mount_udf(8)
utilities now support a -C option to specify local character
sets to convert Unicode filenames. It is possible to specify multi-byte character sets
using this option.

The mount_msdosfs(8)
utility now supports a -M option to specify the maximum file
permissions for directories in the file system. [MERGED]

The mount_msdosfs(8)
utility now supports a -D option to specify MS-DOS codepages
and a -L option to specify local character sets. They are used
to convert character sets of filenames. The /usr/libdata/msdosfs tables have been retired.

uname(1) now
supports a -i flag to return the kernel identification. This
name is also available via the kern.ident sysctl variable.

A number of utilities available in /bin and /sbin are now available as a statically-linked ``crunched'' binary
that lives in /rescue. This functionality is similar to the /stand directory installed by sysinstall(8),
but /rescue includes more functionality and is updated as part
of buildworld/installworld
operations. More details can be found in rescue(8).

Many executables in /bin and /sbin
are now built using dynamic, rather than static linking. This feature brings support for
loadable PAM and NSS modules to base system utilities located in those directories. It
also reduces the storage requirements for the root filesystem due to the use of shared
libraries. This feature can be disabled in a buildworld by
defining the Makefile variable NO_DYNAMICROOT. Note that
statically-linked, crunched executables are available in the /rescue directory for use during system repair and recovery
operations.

The ACPI-CA code has been updated from the 20030228
snapshot to the 20030619 snapshot.

amd has been updated from 6.0.7 to 6.0.9.

awk from Bell Labs has been updated from a 14 March 2003
snapshot to a 29 July 2003 snapshot.

BIND has been updated from 8.3.4 to 8.3.7. [MERGED]

GCC has been updated from 3.2.2 to a 3.3.3 post-release
snapshot from 6 November 2003.

Note: Previous versions of GCC generated incorrect
code when -march=pentium4 optimization was enabled. This
problem is believed to have been fixed with this upgrade, and the earlier workaround for
the case of CPUTYPE=p4 has been removed.

GNU Readline has been updated from 4.2 to 4.3.

GNU Sort has been updated from the version in textutils
2.0.21 to the version in textutils 2.1.

Heimdal Kerberos has been updated from 0.5.1 to 0.6.

The ISC DHCP client has been updated from 3.0.1rc11 to
3.0.1rc12.

lukemftp has been updated from 1.6beta2 to a 11 November
2003 snapshot from NetBSD.

OpenPAM has been updated from the ``Dianthus'' release to
the ``Dogwood'' release.

OpenSSL has been updated from 0.9.7a to 0.9.7c.
[MERGED]

sendmail has been updated from version 8.12.9 to version
8.12.10. [MERGED]

texinfo has been updated from 4.5 to 4.6. [MERGED]

The timezone database has been updated from the tzdata2003a
release to the tzdata2003d release. [MERGED]

If GNU_CONFIGURE is defined, all instances of config.guess and config.sub found under
WRKDIR are replaced with the master
versions from PORTSDIR/Template. This
allows old ports (which contain old versions of these scripts) to build on newer
architectures like ia64 and amd64.

To reduce duplication of information (and subsequent difficulty in maintaining
consistency), many instances of specific devices supported in the Hardware Notes have
been moved to system manual pages. This project is ongoing as of this release.

Users with existing FreeBSD systems are highly encouraged to read the ``Early Adopter's Guide to
FreeBSD 5.2-RELEASE''. This document generally has the filename EARLY.TXT on the distribution media, or any other place that the
release notes can be found. It offers some notes on upgrading, but more importantly, also
discusses some of the relative merits of upgrading to FreeBSD 5.X versus running FreeBSD 4.X.

Important: Upgrading FreeBSD should, of course, only be attempted after backing
up all data and configuration
files.